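/*
 * Copyright (C) 2022 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
#ifndef OHOS_WIFI_CONFIG_HKS_H
#define OHOS_WIFI_CONFIG_HKS_H
#if defined(FEATURE_ENCRYPTION_SUPPORT) || defined(SUPPORT_LOCAL_RANDOM_MAC)
#include <cstdint>
#include <string>
#include <vector>
#include "hks_api.h"
#include "hks_type.h"
#include "hks_param.h"

namespace OHOS {
namespace Wifi {
// Size constants shared by the HUKS-backed helpers declared below.
// NOTE(review): units are presumably bytes; confirm against the implementation.
constexpr uint32_t AES_COMMON_SIZE = 2048 + 16;
constexpr uint32_t AAD_SIZE = 16;
constexpr uint32_t NONCE_SIZE = 16;
constexpr uint32_t AEAD_SIZE = 16;
constexpr uint32_t AES_256_NONCE_SIZE = 32;
constexpr uint32_t MAX_UPDATE_SIZE = 64 * 1024;

// Associated data for the AEAD operations; every byte is zero.
// NOTE(review): a constant AAD does not bind a ciphertext to a particular file or network,
// so any such binding has to come from the key alias. Confirm this is the intended design.
const uint8_t AAD[AAD_SIZE] = {0};

/**
 * @Description Result of an encryption call: the encrypted string together with the IV
 *              that is needed again for decryption. Both members must be stored together.
 */
class EncryptedData final {
public:
    std::string encryptedPassword = "";
    std::string IV = "";
    EncryptedData(const std::string password, const std::string inputIV)
        : encryptedPassword(password), IV(inputIV)
    {
    }
    EncryptedData() {}
    ~EncryptedData() {}
};

/**
 * @Description Names the HUKS key used for one configuration file.
 *              keyAlias is a non-owning view of fileName's character buffer, so it is only
 *              valid while fileName is unchanged; use SetFile to change the name.
 */
class WifiEncryptionInfo {
public:
    std::string fileName;
    static constexpr char WIFI_ENCRY_KEY[] = "WifiEncryHksAes";
    // Empty until SetFile runs, so a default-constructed object never exposes an indeterminate pointer.
    struct HksBlob keyAlias = { 0, nullptr };

    /**
     * @Description Build the alias name (WIFI_ENCRY_KEY + file) and point keyAlias at it
     * @param file - file name appended to the fixed prefix
     */
    void SetFile(const std::string file)
    {
        fileName = WIFI_ENCRY_KEY + file;
        BindKeyAlias();
    }
    explicit WifiEncryptionInfo(const std::string file)
    {
        SetFile(file);
    }
    WifiEncryptionInfo() {}
    // A memberwise copy would leave keyAlias.data pointing into the source object's string,
    // which dangles once that object is destroyed or renamed. Copies rebind to their own fileName.
    WifiEncryptionInfo(const WifiEncryptionInfo &other) : fileName(other.fileName)
    {
        BindKeyAlias();
    }
    WifiEncryptionInfo &operator=(const WifiEncryptionInfo &other)
    {
        if (this != &other) {
            fileName = other.fileName;
            BindKeyAlias();
        }
        return *this;
    }
    ~WifiEncryptionInfo() {}

private:
    // Point keyAlias at this object's own fileName buffer (empty blob when there is no name).
    void BindKeyAlias()
    {
        if (fileName.empty()) {
            keyAlias = { 0, nullptr };
            return;
        }
        keyAlias = { static_cast<uint32_t>(fileName.length()), reinterpret_cast<uint8_t *>(&fileName[0]) };
    }
};

/**
 * @Description Set up Huks service
 */
int32_t SetUpHks();

/**
 * @Description Generate new or get existing GCM-AES key based on input encryptionInfo and genParamSet
 * @param keyAlias - keyAlias info
 * @param genParamSet - generate params
 * @return HKS_SUCCESS - find key, others - find key failed
 */
int32_t GetKeyByAlias(struct HksBlob *keyAlias, const struct HksParamSet *genParamSet);

/**
 * @Description Encrypt inputString using GCM-AES based on input encryptionInfo
 * @param wifiEncryptionInfo - keyAlias info
 * @param inputString - plain-text string that needs to be encrypted
 * @param encryptedData - encrypted result with encrypted string and IV value
 * @return HKS_SUCCESS - encryption success, others - encryption failed
 *
 * NOTE(review): GCM is only safe when an IV is never reused under the same key; confirm the
 * implementation generates a fresh IV per call. Callers should check the return value and
 * not persist encryptedData when the call fails.
 */
int32_t WifiEncryption(const WifiEncryptionInfo &wifiEncryptionInfo, const std::string &inputString,
    EncryptedData &encryptedData);

/**
 * @Description Decrypt encryptedData using GCM-AES based on input encryptionInfo
 * @param wifiEncryptionInfo - keyAlias info
 * @param encryptedData - encrypted result with encrypted string and IV value
 * @param decryptedData - string after decryption
 * @return HKS_SUCCESS - decryption success, others - decryption failed
 *
 * NOTE(review): callers should check the return value and not use decryptedData when the
 * call fails; its content on failure is not specified in this header.
 */
int32_t WifiDecryption(const WifiEncryptionInfo &wifiEncryptionInfo, const EncryptedData &encryptedData,
    std::string &decryptedData);

/**
 * @Description Import GCM-AES key based on input encryptionInfo and default genParamSet
 * @param wifiEncryptionInfo - keyAlias info
 * @param key - GCM-AES key(Hex string)
 * @return HKS_SUCCESS - Import key success, others - Import key failed
 *
 * NOTE(review): the key travels in a std::string, which is not wiped when it is destroyed;
 * callers may want to overwrite their copy after the import.
 */
int32_t ImportKey(const WifiEncryptionInfo &wifiEncryptionInfo, const std::string &key);

/**
 * @Description Delete existing GCM-AES key based on input encryptionInfo and default genParamSet
 * @param wifiEncryptionInfo - keyAlias info
 * @return HKS_SUCCESS - Delete key success, others - Delete key failed
 */
int32_t DeleteKey(const WifiEncryptionInfo &wifiEncryptionInfo);

/**
 * @Description Encrypt inputString using GCM-AES based on input encryptionInfo
 *              Used when encryptedData is bigger than 100k
 * @param wifiEncryptionInfo - keyAlias info
 * @param inputString - plain-text string that needs to be encrypted
 * @param encryptedData - encrypted result with encrypted string and IV value
 * @return HKS_SUCCESS - encryption success, others - encryption failed
 *
 * NOTE(review): MAX_UPDATE_SIZE above is 64 * 1024, not 100k; confirm which threshold applies.
 */
int32_t WifiLoopEncrypt(const WifiEncryptionInfo &wifiEncryptionInfo, const std::string &inputString,
    EncryptedData &encryptedData);

/**
 * @Description Decrypt encryptedData using GCM-AES based on input encryptionInfo
 *              Used when encryptedData is bigger than 100k
 * @param wifiEncryptionInfo - keyAlias info
 * @param encryptedData - encrypted result with encrypted string and IV value
 * @param decryptedData - string after decryption
 * @return HKS_SUCCESS - decryption success, others - decryption failed
 */
int32_t WifiLoopDecrypt(const WifiEncryptionInfo &wifiEncryptionInfo, const EncryptedData &encryptedData,
    std::string &decryptedData);

/**
 * @Description Generate MacRandomization Secret
 * @param keyName - keyAlias name
 * @param data - data for hmac sha256
 * @param outPlant - hashed vector
 * @return HKS_SUCCESS - hmac sha256 success, others - failed
 */
int32_t WifiGenerateMacRandomizationSecret(const std::string &keyName,
    const std::string &data, std::vector<uint8_t> &outPlant);
}
}
#endif
#endif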